Information Management and the Privacy Professional's Role
Information management establishes, implements, and monitors the organization's privacy program under a senior leader such as the CPO, drawing on legal, IT, marketing, HR, and other skills. Privacy professionals research law, educate, design policy, and manage risk amid varied perceptions of acceptable privacy.
Information management focuses on establishing, implementing, and monitoring the privacy program under a senior leader such as the chief privacy officer (CPO). It requires a mix of legal, marketing, sales, HR, public/government relations, and IT skills, and typically involves multiple management levels - executives provide vision and authority, while frontline managers understand procedural and technical realities.
Privacy professionals must weigh both the benefits and risks of using personal information (PI). Perceptions of acceptable privacy vary: decades of surveys split people into privacy fundamentalists, the privacy unconcerned, and privacy pragmatists. Perceptions also shift over time - sometimes toward more protection (Social Security numbers removed from check envelope windows in 2000), sometimes toward less (oversharing on social networks).
- Researching laws, guidelines, common practices, and tools
- Educating and communicating to the organization
- Designing and recommending policies
- Monitoring and managing organizational risk
Remember the three privacy attitude groups: fundamentalists (strong protectors), unconcerned (low worry), and pragmatists (context-dependent, will trade privacy for benefit). Pragmatists are the largest, context-sensitive middle.